In order to detect malicious software (e.g., viruses, worms, Trojan horses, spyware, and/or programming that gathers information about a computer/user without permission), computer systems may utilize file classification systems to identify files with certain characteristics which make it likely that the files are malicious. Although simple file classification systems may be computationally conservative, they may be over-inclusive and improperly classify clean files as malicious. Similarly, simple file classification systems may be under-inclusive, and improperly classify malicious files as clean. Thus, systems with a greater ability to detect and classify malicious and/or clean files can be desirable.